CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-2060

ASPRunner 2.4 stores the database under the web root in the db directory, which may allow remote attackers to obtain the database via a direct request to the database filename, which is predictable based on table and field names.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.092

EPSS Ranking 92.3%

CVSS Severity

CVSS v2 Score 5.0

References

http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0011.html
http://ferruh.mavituna.com/article/?574
http://marc.info/?l=bugtraq&m=109086977330418&w=2
http://secunia.com/advisories/12164
http://securitytracker.com/id?1010777
http://www.osvdb.org/8253
http://www.securityfocus.com/bid/10799
https://exchange.xforce.ibmcloud.com/vulnerabilities/16802
http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0011.html
http://ferruh.mavituna.com/article/?574
http://marc.info/?l=bugtraq&m=109086977330418&w=2
http://secunia.com/advisories/12164
http://securitytracker.com/id?1010777
http://www.osvdb.org/8253
http://www.securityfocus.com/bid/10799
https://exchange.xforce.ibmcloud.com/vulnerabilities/16802

Products affected by CVE-2004-2060

Xlinesoft » Asprunner » Version: 1.0

cpe:2.3:a:xlinesoft:asprunner:1.0
Xlinesoft » Asprunner » Version: 2.0

cpe:2.3:a:xlinesoft:asprunner:2.0
Xlinesoft » Asprunner » Version: 2.1

cpe:2.3:a:xlinesoft:asprunner:2.1
Xlinesoft » Asprunner » Version: 2.2

cpe:2.3:a:xlinesoft:asprunner:2.2
Xlinesoft » Asprunner » Version: 2.3

cpe:2.3:a:xlinesoft:asprunner:2.3
Xlinesoft » Asprunner » Version: 2.4

cpe:2.3:a:xlinesoft:asprunner:2.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-2060

Products

Pricing

Contact Us